webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-08-16 Simple Water Refilling Station Management System 1.0 – Remote Code Execution (RCE) through File Upload
  • webapps
    		•  Matt Sorrell
    2021-08-16 Simple Water Refilling Station Management System 1.0 – Authentication Bypass
  • webapps
    		•  Matt Sorrell
    2021-08-16 NetGear D1500 V1.0.0.21_1.0.1PE – ‘Wireless Repeater’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Securityium
    2021-08-16 CentOS Web Panel 0.9.8.1081 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Dinesh Mohanty
    2021-08-13 RATES SYSTEM 1.0 – Authentication Bypass
  • webapps
    		•  Azumah Foresight Xorlali
    2021-08-13 Simple Image Gallery System 1.0 – ‘id’ SQL Injection
  • webapps
    		•  Azumah Foresight Xorlali
    2021-08-13 Care2x Open Source Hospital Information Management 2.7 Alpha – ‘Multiple’ Stored XSS
  • webapps
    		•  securityforeveryone.com
    2021-08-13 Police Crime Record Management System 1.0 – ‘casedetails’ SQL Injection
  • webapps
    		•  Ömer Hasan Durmuş
    2021-08-13 Police Crime Record Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Ömer Hasan Durmuş
    2021-08-13 easy-mock 1.6.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  LionTree
    2021-08-13 4images 1.8 – ‘limitnumber’ SQL Injection (Authenticated)
  • webapps
    		•  Andrey Stoykov
    2021-08-12 RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections
  • webapps
    		•  Halit AKAYDIN
    2021-08-12 Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)
  • webapps
    		•  RedTeam Pentesting GmbH
    2021-08-12 COVID19 Testing Management System 1.0 – ‘searchdata’ SQL Injection
  • webapps
    		•  Ashish Upsham
    2021-08-10 Simple Library Management System 1.0 – ‘rollno’ SQL Injection
  • webapps
    		•  Halit AKAYDIN
    2021-08-10 WordPress Plugin Picture Gallery 1.4.2 – ‘Edit Content URL’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Aryan Chehreghani
    2021-08-10 Cockpit CMS 0.11.1 – ‘Username Enumeration & Password Reset’ NoSQL Injection
  • webapps
    		•  Brian Ombongi
    2021-08-10 IPCop 2.1.9 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Mücahit Saratar
    2021-08-05 GFI Mail Archiver 15.1 – Telerik UI Component Arbitrary File Upload (Unauthenticated)
  • webapps
    		•  Amin Bohio
    2021-08-05 Moodle 3.9 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  lanz
    2021-08-05 CMSuno 1.7 – ‘tgo’ Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  splint3rsec
    2021-08-04 ApacheOfBiz 17.12.01 – Remote Command Execution (RCE)
  • webapps
    		•  Adrián Díaz
    2021-08-04 Client Management System 1.1 – ‘cname’ Stored Cross-site scripting (XSS)
  • webapps
    		•  Mohammad Koochaki
    2021-08-04 qdPM 9.2 – Password Exposure (Unauthenticated)
  • webapps
    		•  Leon Trappett